A. Field of the Invention
The present invention relates to the field of secured on-line postage processing systems.
B. Background Art
The United States Postal Service (USPS) processes over 165 billion pieces of mail each year and generates revenue of about 60 billion dollars annually. A significant percentage of the revenue, about 20 billion dollars, is from metered mail. Metered mail is generated by utilizing postage meters that print a special mark, also known as postal indicia on mail pieces. Current postal indicia contains only human readable information such as meter serial number, date of mail, postage value, and local post office information. Because the existing postage meters and indicia are not very secure the postage meters are vulnerable to fraudulent attacks. The US General Accounting Office recently estimated that postage meter fraud has cost the USPS in excess of 100 million dollars every year. The existing postage meters are vulnerable to tampering and the indicia generated by the postage meters can be forged or copied. To alleviate these problems the USPS recently announced the Information Based Indicia Program (IBIP) under which cryptographic postage indicia is to be used in place of existing postage indicia.
The use of personal computers (PC) and communication modems (CM) has increased significantly in recent years and is expected to continue to grow. Using electronic mail capabilities, PC users communicate more frequently amongst themselves. Additionally, centralized computer systems have evolved allowing PC users to access large databases. Such databases include various information libraries: news, weather, sports, stock markets, entertainment, education, and so on. Access to such databases is commonly controlled so that users must subscribe to the centralized computer systems. In a typical session, the user connects to the centralized computer system using the PC, transfers information to the user's PC, and uses the information without further connection to the database of the centralized computer system. The centralized computer system enables a large number of users to concurrently access the database of the central computer system.
While centralized computer systems frequently provide access to information databases, such systems less frequently provide access to copyrighted application software. The primary reason for not providing copyrighted application software from databases of centralized computer systems is due to a lack of tamper-proof security methods and apparatuses for preventing unauthorized copying of copyrighted application software. Prior art systems do not provide a comprehensive method or apparatus for permitting the rental of copyrighted application software without having any possibility of the copyrighted application software being copied and used without being connected to the database.
A prior art system, disclosed in U.S. Pat. Nos. 4,796,181 and 5,047,928 issued to John D. Wiedemer on Jan. 3, 1989 and Sep. 10, 1991, respectively, implements a computer software security and billing system that enciphers an application program using a numeric key. The computer of the user requires a hardware security device and a removable billing device. Both devices carry unique codes. The security device containing the billing device is coupled to the user's computer. A security program accesses the application software and writes billing information into the billing device. The billing module must be periodically replaced so the user can be charged for the software usage. Thus, the system of Wiedemer is directed to a security device including a billing device that is installed in a user's computer for enciphering/deciphering software and billing for usage of the software. This system disadvantageously requires special hardware for billing use of application software and does not use a dynamic password for preventing unauthorized use of application software.
Another prior art system, disclosed in U.S. Pat. No. 4,999,806 issued to Fred Chernow, et al., on Mar. 12, 1991, is a system for distributing software by telephone. A central station accepts credit card information, transmits an acceptance code to a caller, and terminates the call. The central station first verifies the caller's credit card, and then calls back the caller. The transaction is continued after receiving the acceptance code. The central station transfers a control transfer program and initialization program to the caller. The caller (or purchaser) executes the initialization program so that the central station can control the caller's computer. The control transfer program then transfers a protection program for ensuring that a copying program is not resident in the memory of the caller's computer. A storing program is then transferred to the caller's computer for modifying the purchased program for storage on the caller's computer. The purchased program is then transferred to the caller's computer. During execution of the system for distributing software, the various transmitted programs are erased so that only a copy of the purchased software remains on the caller's computer. Thus, the system of Chernow, et al., is directed to a system of transmitting copy protected versions of software to a caller's computer for a limited amount of time similar to a demonstration. The system of Chernow et al., is similar to copy protection of software and does not use a dynamic password for preventing unauthorized use of application software.
A further prior art system, disclosed in U.S. Pat. No. 5,138,712 issued to John R. Corbin on Aug. 11, 1992, implements a method and apparatus for licensing software on a computer network. Encrypted license information is stored in a license token, and is sorted in a database controlled by a license server. To access a program, the license server locates the correct license token for a software application and transmits the license token to a license library. The application has an attached application specific license access module that decodes the licensing token. The license information is verified by license library routines coupled to the software application. The license is then checked out and the license token is updated. The application specific license access module encodes the updated license token before returning it to the license server. Thus, only a single application can be breached by unauthorized cracking of an encrypted application. Thus, the system of Corbin is directed to providing network protection against unauthorized use of software in a computer network.
With respect to secured on-line postage processing systems the USPS under the IBIP activities published specifications for IBIP postage meters that identifies a special purpose hardware device known as a Postal Security Device (PSD) that is to be located at a user's site. The PSD in conjunction with the user's personal computer and printer will function as the IBIP postage meter. The USPS published a number of documents describing the PSD specifications, the cryptographic indicia specifications and other related and relevant information. The present invention includes a new method and apparatus for implementation of a IBIP postage meter. In one embodiment the invention does not require any special purpose hardware device at the user site and operates as a virtual postage meter.
This virtual postage meter satisfies all the security and other cryptographic indicia related requirements specified by the USPS.